Solved

SAS Adapter for PC

Posted on 2013-12-09
5
392 Views
Last Modified: 2013-12-09
I am looking to implement SED drives for some desktop machines.  Because there are so few SATA SED (self encrypting) drives, it seems easier to use an SAS SED drive.

Anyone know of a reasonably priced SAS drive adapter that will go into a PC and allow the use of an internal SAS drive to replace the existing SATA drive.  I need one that can handle SAS SED drives.

Or some way to leverage the TPM chip in the desktop machine, so that if the hard drive is removed from the desktop machine, the encryption key is thus separated from the SED drive and the data is unreadable.
0
Comment
Question by:dakota5
  • 2
  • 2
5 Comments
 
LVL 47

Accepted Solution

by:
dlethe earned 400 total points
ID: 39706080
LSI has them, but you're in for some sticker shock.   It probably doesn't make sense to do this to a desktop computer.  

But if you must ...
Here is link for the software, and it tells you what MegaRaid controllers are compatible.  
http://www.lsi.com/products/raid-controllers/pages/megaraid-safestore-software.aspx

software & firmware $150, and cheapest controller 9260-4i maybe $350 or so.
0
 
LVL 38

Assisted Solution

by:Rich Rumble
Rich Rumble earned 100 total points
ID: 39706162
Again my article :)
http://www.experts-exchange.com/Security/Encryption/A_12134-Choosing-the-right-encryption-for-your-needs.html

TPM isn't all that great, and since the Gov't has a hard enough time against non-TPM software, I wouldn't even recommend its use. I don't trust it:
https://www.schneier.com/blog/archives/2005/08/trusted_computi.html
https://www.schneier.com/crypto-gram-0208.html#1
And UEFI is probably worse to trust: https://www.blackhat.com/presentations/bh-usa-07/Heasman/Presentation/bh-usa-07-heasman.pdf

I use TrueCrypt myself, Bruce Schneier uses TC, Snowden used TC. I think it's a good solution as well.

-rich
0
 
LVL 47

Assisted Solution

by:dlethe
dlethe earned 400 total points
ID: 39706208
I'm a professional storage developer/architect .. i assure you the SED / TCG is rock solid, fast, and safe.  It works flawlessly with RAID as well.  

As far as the government having troubles, they can't even get the ObamaCare site up after 3+ years and $1B, so  let's not use the government as a baseline for getting anything working right.

TrueCrypt, BitLocker & PGP can be decrypted easily with a $299 product.
0
 
LVL 38

Expert Comment

by:Rich Rumble
ID: 39706323
>TrueCrypt, BitLocker & PGP can be decrypted easily with a $299 product.
Only when the OS is running, or has been in hibernation and it has to support a FireWire connection (and or be able to have a plug-n-play Firewire adapter). Passware and Elcomsoft both have the same "decryptor" but it only accesses the decryption key in RAM or from a hibernation file.
All covered in my article linked above btw :) Nothing wrong with hardware or software, but you have to know the attack vectors for each, and both have the same attack's, when the OS is running the data is not encrypted, when the OS is off, the data can't be accessed (save a plain-text hibernation for page file). Security is a process and not a program, you have to understand the risks and weigh the likelihood of the attacks as well.
-rich
0
 

Author Closing Comment

by:dakota5
ID: 39706425
Thank you for continuing with this line of questioning.  richcrumble has provided great background and high-level information, but I appreciate diethe giving me some practical information.
0

Featured Post

Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Server 2012 R2 Hardware Raid or Storage Spaces 9 124
Process for updating certificate in F5 2 60
Need recommendation for a data recovery company 19 116
hp mini 3 54
Article by: btan
Provide an easy one stop to quickly get the relevant information on common asked question on Ransomware in Expert Exchange.
In 2017, ransomware will become so virulent and widespread that if you aren’t a victim yourself, you will know someone who is.
With Secure Portal Encryption, the recipient is sent a link to their email address directing them to the email laundry delivery page. From there, the recipient will be required to enter a user name and password to enter the page. Once the recipient …
A simple description of email encryption using a secure portal service. This is one of the choices offered by The Email Laundry for email encryption. The other choices are pdf encryption which creates an encrypted pdf of your email and any attachmen…

895 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

14 Experts available now in Live!

Get 1:1 Help Now